Proximity cards and smart cards have mostly replaced physical keys as an efficient and somewhat secure means for entry access, especially in offices and business applications. There is now a shift from proximity cards and smart cards to smartphones.
The moving of access control functionality into smartphones stems from the desire to eliminate the proximity card or smart card as a separate physical device that one has to carry for the singular purpose of access control. The smartphone is a device that is now ubiquitously carried on one's person at all times, is a multi-functional device that has the consolidated functionality of many different devices we used to carry (e.g., telephone, email, web browser, music player, video player, voice recorder, calculator, secure payment device, etc.), and includes the functionality to operate as a physical access card. In particular, smartphones, like physical access cards, have one or more antennas or radios to wirelessly communicate, and also integrated circuits to securely store and transfer access credentials.
However, security is a significant challenge when adapting a smartphone to act as an access control device. The fundamental basis for having access control is security. Therefore, if the smartphone can be tricked, hacked, or spoofed in circumventing the security measures put in place for access control, the smartphone becomes the weakest link and easy target for bypassing those security measures.
Proximity cards and smart cards activate when placed within a few inches of a reader that is in close proximity of an entry point where access is desired. The reader produces a magnetic field from which the proximity card or smart card draws power. The power is supplied to an integrated circuit on the card that then obtains and wirelessly transfers the user's access credentials to the reader via the card's antenna. The reader forwards the access credentials to an access control unit (ACU). The ACU stores the access privileges that different users have with respect to different entry points under control of the ACU. The ACU can then open access to the entry point that is in close proximity to the reader or deny access depending on the access credentials and associated access privileges.
Smartphones have batteries. The batteries power one or more wireless radios and processors of the smartphone. The one or more wireless radios and processors can collectively obtain and wirelessly transfer user access credentials like proximity cards and smart cards. However, the smartphones are not dependent on the reader for power and can wirelessly transmit the access credentials directly to the ACU without the reader acting as a proxy. In other words, the smartphones can request access even when away from the reader or point of access where access is desired. Thus, proximity verification becomes a security challenge with smartphones where it did not exist with physical access cards.
Proximity verification verifies that an entity using a smartphone to send an access request to a particular point of access is physically present at the particular point of access. Without proximity verification, attackers can attempt to remotely access different points of access without being physical present, and if successful, provide unknown third parties with access. Even authorized access can be compromised if an authorized user remotely opens access to allow another to enter without physically being present to supervise the access. These are just some examples of how security controls can be bypassed if smartphones are used as access control devices without proximity verification.
Global Positioning System (GPS) and geo-fencing functionalities of the smartphone have been used in the past to address proximity verification issue. GPS provides location coordinates. However, the coordinates do not provide sufficient location specificity to differentiate user location in a multi-floor office building or even where the user is inside of a building when the GPS signal is lost or sporadic at best. Moreover, continual location tracking via GPS becomes a huge drain of the smartphone battery. Periodic location tracking via GPS can be used to preserve battery. However, periodic location tracking reduces the accuracy of the GPS coordinates even further.
GPS is also insecure. The signaling is not encrypted or authenticated in any way and tools are publicly available to spoof GPS as well as other geo-fencing techniques, such as WiFi based location detection. Rooted or hacked devices can also have their GPS positioning manipulated such that a rooted or hacked device thinks it is in a different position than it actually is in. For all these reasons, proximity verification via GPS is therefore suspect at best.
Facial recognition, voice recognition, and other biometric identity techniques can be integrated into the readers to verify user proximity. However, these techniques might not provide a sufficient degree of accuracy and are subject to various attacks. More importantly, these techniques are slow, processor intensive, and require expensive sensors, thereby making them unacceptable for high traffic points of access or low-cost implementations.
Accordingly, there is a need to verify the proximity of a user to a secure resource or point of access when the user smartphone or other mobile device is the basis for authenticating user access to the secure resource or point of access. There is a need for the proximity verification to occur efficiently and securely so as to not introduce delay in how long it takes the user or device to perform access authentication and gain access. There is further a need for the proximity verification to occur inexpensively and without user involvement so as to not complicate or degrade the user experience when using the smartphone or other mobile device as the means of authenticating user access.